{"id":"JLSEC-2026-87","summary":"NSSCryptoSignBackend.cc in Poppler before 25.04.0 does not verify the adbe.pkcs7.sha1 signatures...","details":"NSSCryptoSignBackend.cc in Poppler before 25.04.0 does not verify the adbe.pkcs7.sha1 signatures on documents, resulting in potential signature forgeries.","modified":"2026-04-13T14:46:56.049632700Z","published":"2026-04-13T13:20:05.063Z","upstream":["CVE-2025-43903","EUVD-2025-11892","GHSA-4w9g-4h2x-7qxq"],"database_specific":{"sources":[{"published":"2025-04-18T21:15:44.673Z","imported":"2026-04-13T04:14:33.304Z","url":"https://services.nvd.nist.gov/rest/json/cves/2.0?cveId=CVE-2025-43903","modified":"2025-10-06T16:37:14.947Z","html_url":"https://nvd.nist.gov/vuln/detail/CVE-2025-43903","id":"CVE-2025-43903"},{"imported":"2026-04-13T04:14:53.479Z","html_url":"https://github.com/advisories/GHSA-4w9g-4h2x-7qxq","url":"https://api.github.com/advisories/GHSA-4w9g-4h2x-7qxq","modified":"2025-04-18T21:31:28Z","published":"2025-04-18T21:31:21Z","id":"GHSA-4w9g-4h2x-7qxq"},{"html_url":"https://euvd.enisa.europa.eu/vulnerability/EUVD-2025-11892","published":"2025-04-18T21:31:21Z","modified":"2025-04-18T21:31:21Z","url":"https://euvdservices.enisa.europa.eu/api/enisaid?id=EUVD-2025-11892","imported":"2026-04-13T04:14:34.589Z","id":"EUVD-2025-11892"}],"license":"CC-BY-4.0"},"references":[{"type":"WEB","url":"https://gitlab.freedesktop.org/poppler/poppler/-/commit/f1b9c830f145a0042e853d6462b2f9ca4016c669"},{"type":"WEB","url":"https://nvd.nist.gov/vuln/detail/CVE-2025-43903"},{"type":"WEB","url":"https://github.com/advisories/GHSA-4w9g-4h2x-7qxq"}],"affected":[{"package":{"name":"Poppler_jll","ecosystem":"Julia","purl":"pkg:julia/Poppler_jll?uuid=9c32591e-4766-534b-9725-b71a8799265b"},"ranges":[{"type":"SEMVER","events":[{"introduced":"0"},{"fixed":"25.10.0+0"}]}],"database_specific":{"source":"https://github.com/JuliaLang/SecurityAdvisories.jl/tree/generated/osv/2026/JLSEC-2026-87.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N"}]}